** Changed in: zorba
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Zorba
Coders, which is the registrant for Zorba.
https://bugs.launchpad.net/bugs/1020953

Title:
  segfault in modules/xml:parse()

Status in Zorba - The XQuery Processor:
  Fix Committed

Bug description:
  the following tests crash on windows in debug build (rev. 10908):

      test/rbkt/zorba/parsing_and_serializing/parse-fragment-skip-root-47 
(SEGFAULT)
      test/rbkt/zorba/parsing_and_serializing/parse-fragment-skip-root-51 
(SEGFAULT)
      test/rbkt/zorba/parsing_and_serializing/parse-xml-fragment-09 (SEGFAULT)
      test/rbkt/zorba/parsing_and_serializing/parse-xml-fragment-17 (SEGFAULT)

  valgrind reveals:

  valgrind zorba/build/test/rbkt/testdriver 
"zorba/parsing_and_serializing/parse-fragment-skip-root-47.xq"
  ==31358== Memcheck, a memory error detector
  ==31358== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
  ==31358== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
  ==31358== Command: zorba/build/test/rbkt/testdriver 
zorba/parsing_and_serializing/parse-fragment-skip-root-47.xq
  ==31358== 
  test zorba/parsing_and_serializing/parse-fragment-skip-root-47
  === Query: ===
  import module namespace z = "http://www.zorba-xquery.com/modules/xml";;
  import schema namespace opt = 
"http://www.zorba-xquery.com/modules/xml-options";;

  z:parse("<root>
    <test/>
    <test/>
    </bad>
  </root>
  ",
    <opt:options>
      <opt:parse-external-parsed-entity opt:skip-root-nodes="0"/>
    </opt:options>
  )

  === end of Query ===
  save execution plan in 1.900000 sec
  load execution plan in 0.630000 sec
  ==31358== Invalid read of size 8
  ==31358==    at 0x5E4AB4A: 
zorba::simplestore::XmlTree::removeType(zorba::simplestore::XmlNode const*) 
(node_items.cpp:242)
  ==31358==    by 0x5E4C91F: zorba::simplestore::XmlNode::destroyInternal(bool) 
(node_items.cpp:877)
  ==31358==    by 0x5E4C882: zorba::simplestore::XmlNode::destroyInternal(bool) 
(node_items.cpp:860)
  ==31358==    by 0x5E4C65E: zorba::simplestore::XmlNode::destroy(bool) 
(node_items.cpp:819)
  ==31358==    by 0x5EE7290: zorba::simplestore::FastXmlLoader::abortload() 
(loader_fast.cpp:177)
  ==31358==    by 0x5EEDD01: 
zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&) 
(loader_dtd.cpp:322)
  ==31358==    by 0x5F12F3F: 
zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&, 
zorba::store::LoadProperties const&) (store.cpp:1014)
  ==31358==    by 0x5AA44C4: 
zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (parse_fragment_impl.cpp:230)
  ==31358==    by 0x5892CD0: 
zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (plan_iterator.h:535)
  ==31358==    by 0x5B54712: 
zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, 
zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
  ==31358==    by 0x5B540A8: 
zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) 
(plan_wrapper.cpp:151)
  ==31358==    by 0x5481E54: 
zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, 
std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
  ==31358==  Address 0xabc2c48 is 56 bytes inside a block of size 184 free'd
  ==31358==    at 0x4C2A4BC: operator delete(void*) (in 
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==31358==    by 0x5EE7216: zorba::simplestore::FastXmlLoader::abortload() 
(loader_fast.cpp:165)
  ==31358==    by 0x5EEDD01: 
zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&) 
(loader_dtd.cpp:322)
  ==31358==    by 0x5F12F3F: 
zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&, 
zorba::store::LoadProperties const&) (store.cpp:1014)
  ==31358==    by 0x5AA44C4: 
zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (parse_fragment_impl.cpp:230)
  ==31358==    by 0x5892CD0: 
zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (plan_iterator.h:535)
  ==31358==    by 0x5B54712: 
zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, 
zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
  ==31358==    by 0x5B540A8: 
zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) 
(plan_wrapper.cpp:151)
  ==31358==    by 0x5481E54: 
zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, 
std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
  ==31358==    by 0x5481B58: 
zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, 
std::ostream&) (serializer.cpp:2734)
  ==31358==    by 0x541FA38: zorba::XQueryImpl::serialize(std::ostream&, 
zorba::rchandle<zorba::PlanWrapper>&, Zorba_SerializerOptions const*) 
(xqueryimpl.cpp:1305)
  ==31358==    by 0x541ECA5: zorba::XQueryImpl::execute(std::ostream&, 
Zorba_SerializerOptions const*) (xqueryimpl.cpp:1131)
  ==31358== 
  ==31358== Invalid read of size 8
  ==31358==    at 0x5E4AB76: 
zorba::simplestore::XmlTree::removeType(zorba::simplestore::XmlNode const*) 
(node_items.cpp:244)
  ==31358==    by 0x5E4C91F: zorba::simplestore::XmlNode::destroyInternal(bool) 
(node_items.cpp:877)
  ==31358==    by 0x5E4C882: zorba::simplestore::XmlNode::destroyInternal(bool) 
(node_items.cpp:860)
  ==31358==    by 0x5E4C65E: zorba::simplestore::XmlNode::destroy(bool) 
(node_items.cpp:819)
  ==31358==    by 0x5EE7290: zorba::simplestore::FastXmlLoader::abortload() 
(loader_fast.cpp:177)
  ==31358==    by 0x5EEDD01: 
zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&) 
(loader_dtd.cpp:322)
  ==31358==    by 0x5F12F3F: 
zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&, 
zorba::store::LoadProperties const&) (store.cpp:1014)
  ==31358==    by 0x5AA44C4: 
zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (parse_fragment_impl.cpp:230)
  ==31358==    by 0x5892CD0: 
zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (plan_iterator.h:535)
  ==31358==    by 0x5B54712: 
zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, 
zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
  ==31358==    by 0x5B540A8: 
zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) 
(plan_wrapper.cpp:151)
  ==31358==    by 0x5481E54: 
zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, 
std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
  ==31358==  Address 0xabc2c48 is 56 bytes inside a block of size 184 free'd
  ==31358==    at 0x4C2A4BC: operator delete(void*) (in 
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==31358==    by 0x5EE7216: zorba::simplestore::FastXmlLoader::abortload() 
(loader_fast.cpp:165)
  ==31358==    by 0x5EEDD01: 
zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&) 
(loader_dtd.cpp:322)
  ==31358==    by 0x5F12F3F: 
zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int,
 std::char_traits<char>, std::allocator<char> > > const&, 
zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, 
std::char_traits<char>, std::allocator<char> > > const&, std::istream&, 
zorba::store::LoadProperties const&) (store.cpp:1014)
  ==31358==    by 0x5AA44C4: 
zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (parse_fragment_impl.cpp:230)
  ==31358==    by 0x5892CD0: 
zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&,
 zorba::PlanState&) const (plan_iterator.h:535)
  ==31358==    by 0x5B54712: 
zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, 
zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
  ==31358==    by 0x5B540A8: 
zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) 
(plan_wrapper.cpp:151)
  ==31358==    by 0x5481E54: 
zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, 
std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
  ==31358==    by 0x5481B58: 
zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, 
std::ostream&) (serializer.cpp:2734)
  ==31358==    by 0x541FA38: zorba::XQueryImpl::serialize(std::ostream&, 
zorba::rchandle<zorba::PlanWrapper>&, Zorba_SerializerOptions const*) 
(xqueryimpl.cpp:1305)
  ==31358==    by 0x541ECA5: zorba::XQueryImpl::execute(std::ostream&, 
Zorba_SerializerOptions const*) (xqueryimpl.cpp:1131)
  ==31358== 
  The following execution error occurred as expected:
  http://www.w3.org/2005/xqt-errors:FODC0006: 
http://www.w3.org/2005/xqt-errors:FODC0006invalid content passed to 
parse-xml:parse(): loader parsing error: Opening and ending tag mismatch: root 
line 0 and bad
  [line 4][column 1][file 
zorba/sandbox/test/rbkt/Queries/zorba/parsing_and_serializing/parse-fragment-skip-root-47.xq]
  testdriver: test runtime was 9268363us
  testdriver: success
  ==31358== 
  ==31358== HEAP SUMMARY:
  ==31358==     in use at exit: 2,368 bytes in 2 blocks
  ==31358==   total heap usage: 26,474 allocs, 26,472 frees, 12,336,013 bytes 
allocated
  ==31358== 
  ==31358== LEAK SUMMARY:
  ==31358==    definitely lost: 128 bytes in 1 blocks
  ==31358==    indirectly lost: 2,240 bytes in 1 blocks
  ==31358==      possibly lost: 0 bytes in 0 blocks
  ==31358==    still reachable: 0 bytes in 0 blocks
  ==31358==         suppressed: 0 bytes in 0 blocks
  ==31358== Rerun with --leak-check=full to see details of leaked memory
  ==31358== 
  ==31358== For counts of detected and suppressed errors, rerun with: -v
  ==31358== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 2 from 2)

To manage notifications about this bug go to:
https://bugs.launchpad.net/zorba/+bug/1020953/+subscriptions

-- 
Mailing list: https://launchpad.net/~zorba-coders
Post to     : zorba-coders@lists.launchpad.net
Unsubscribe : https://launchpad.net/~zorba-coders
More help   : https://help.launchpad.net/ListHelp

Reply via email to